Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

Daily Report Wednesday, January 3, 2007

Daily Highlights

The Associated Press reports utility crews are continuing the effort to restore electrical service to tens of thousands of homes and businesses in Colorado and Kansas after a snowstorm last week; it could take more than a week to get them all back on line. (See item 2)·CBS4 reports a 20.year.old Wyoming man tried to open the door of a JetBlue plane while flying from Pittsburgh toward Boston, on Monday morning, January 1; he was subdued by passengers and flight attendants. (See item 16)·The Associated Press reports the government and the produce industry will issue new guidelines in April on how to prevent contamination throughout the food chain, seeking to avoid future E. coli food poisoning outbreaks involving spinach and lettuce. (See item 23)·The Times Argus reports that as of Monday, January 1, Vermont leads the country in emergency response systems, implementing a new enhanced 911 system, E911, completely based upon Internet technology. (See item 35)

Information Technology and Telecommunications Sector

38.January 02, IDG News Service— Alcatel.Lucent completes buy of Nortel 3G business. Alcatel.Lucent SA has closed its acquisition of Nortel Networks Corp.'s Universal Mobile Telecommunications System (UMTS) mobile infrastructure business, the companies announced Tuesday, January 2. Alcatel.Lucent announced plans to buy the third.generation (3G) networks business in September for $320 million less transaction costs. It has cleared the final regulatory approvals and closed the purchase on December 31, it said. The deal makes Alcatel.Lucent one of the largest providers of UMTS gear, with one in four UMTS operators worldwide using its products, the company said.Source: http://www.infoworld.com/article/07/01/02/HNalcatelnortel_1. html

39.January 02, Agence France.Presse— Emergency measures in Hong Kong after Webchaos. Hong Kong telecom authorities have assumed emergency powers as firms faced Internet disruption on the first day back to work Tuesday, January 2, after an earthquake damaged regional undersea data cables. Telecom and Internet service providers sent the city's telecom authority OFTA hourly updates on service capacity as repair ships struggled to mend fiber optic cables severed in the Boxing Day quake off Taiwan. OFTA had received only 20 inquiries from Internet users by mid.morning, suggesting that services had not been hit as hard as had been feared. By the close of business OFTA said traffic had moved smoothly and there had been no reports of serious congestion.Source: http://news.yahoo.com/s/afp/20070102/tc_afp/asiaquakeinterne t

40.January 01, eWeek— Apple vulnerability project launches with QuickTime exploit. An easy.to.exploit security vulnerability in Apple Computer's QuickTime media player could put millions of Macintosh and Windows users at risk of code execution attacks. The QuickTime flaw kicked off the Month of Apple Bugs project, which promises to expose unpatched Mac OS X and Apple application vulnerabilities on a daily basis throughout the month of January. According to an advisory released Monday, January 1, the flaw exists in the way QuickTime handles a specially rigged "rtsp://" URL. "By supplying a specially crafted string, [an] attacker could overflow a stack.based buffer, using either HTML, Javascript or a QTL file as attack vector, leading to an exploitable remote arbitrary code execution condition," said LMH, one of the mysterious hackers behind the controversial project. He described exploitation of the issue as "trivial" and warned that stack NX can also be rendered useless. LMH said the issue was successfully exploited in QuickTime Player Version 7.1.3. Previous versions are likely vulnerable as well. Both Microsoft Windows and Mac OS X versions are affected.Source: http://www.eweek.com/article2/0,1895,2078180,00.asp

41.December 29, IDG News Service— 'Happy New Year!' worm on the move. Verisign Inc. is warning of a new e.mail worm arriving in inboxes with the subject "Happy New Year!" The message, currently being spread from 160 e.mail domains, requires users to click on the attached "postcard.exe" file in order to cause damage. The file will install several different malicious code variants including Tibs, Nwar, Banwarum and Glowa on the computer. It then executes mass mailings from the infected computer. The worm is already being heavily spammed, Verisign said. The security company has found one network that is sending out five e.mails per second with the worm.Source: http://www.infoworld.com/article/06/12/29/HNhappynewyearworm _1.html

42.December 29, Associated Press— Taiwan telecom won't build additional backup. Taiwan's largest telecom company said Friday, December 29, it will not invest more in backup lines to protect against disasters like the recent earthquake that snarled telephone and Internet service across Asia, affecting service as far away as the United States. The quake, which damaged undersea cables off Taiwan on Tuesday, was so rare that there is no need to spend money on extra lines, said Wu Chih.ming, a senior official at Chunghwa Telecom Co., Taiwan's largest telecommunications company. "We won't consider laying more backup cables for now because such an incident might not happen in another 100 years," Wu said.Source: http://news.yahoo.com/s/ap/20061229/ap_on_hi_te/asia_telecom _crisis

43.December 29, Reuters— AT&T clears final hurdle to $86 billion BellSouth deal. AT&T Inc. on Friday, December 29, cleared the final U.S. regulatory hurdle to acquire local telephone carrier BellSouth Corp., bolstering the company's position as the top U.S. telephone provider. The Federal Communications Commission voted 4.0 to approve the $86 billion deal after AT&T promised to maintain "network neutrality" on its broadband platform for two years and not impose extra fees to carry certain providers' Internet content.Source: http://www.eweek.com/article2/0,1895,2078071,00.asp

44.December 28, IDG News Service— Alliance Data to buy another DoubleClick division. Transaction services provider Alliance Data Systems Corp. is to buy DoubleClick Inc.'s Abacus data management and analytical division for around $435 million in cash. It will be the second time within a year that Alliance Data has purchased technology from the privately.held online advertising firm.Source: http://www.infoworld.com/article/06/12/28/HNallianceduoblecl ick_1.html

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"